The digital transformation of the global economy has hardly been slow in the past 20 years. The first mobile phone arrived in
1989. The world wide web is 30 years old and has been broadly accessible for the past 25, while the mobile internet, just 15
years of age, is approaching full global penetration. E-commerce has rapidly expanded, and digital payments platforms leading to
a broader set of digitally-enabled financial services have seen double digit growth, especially in China.

Looking at technological enablement across sectors and regions, the gating factor with respect to growth typically is not just
the state of the technology itself, but rather the speed with which individuals, organizations, and complex systems are willing
or able to change. This resistance to change is sometimes referred to as inertia, by analogy with the physics we all learned in
high school, where to put a body with some mass in motion or to change its speed or direction requires the application of
some force.

Click to download

This report aims to demonstrate the state of full stack security based on thousands of security assessments performed globally, as delivered by the Edgescan SaaS during 2020. I am still as passionate as ever in compiling this report and delving into the underlying data, as it
gives unique insight into what’s going on from a trends and statistics perspective and indeed a snapshot of the overall state of cyber security.
The Edgescan report has become a reliable source for truly representing the global state of cyber security vulnerability management. This
is becoming more evident as our unique dataset is now also part of other annual security analysis reports, such as the OWASP Top 10 and Verizon DBIR (we are happy contributors for many years now).

This year we took a deeper look at vulnerability metrics from a known vulnerability (CVE), Malware, Ransomware and visibility standpoint (exposed services), coupling both internal and public Internet-facing systems.

Click to download

An assessment of pioneering implementations in public services

In less than ten years from its advent in 2008, the concept of distributed ledgers has entered into mainstream research and policy agendas. Enthusiastic reception, fuelled by the success of Bitcoin and the explosion of potential use cases created high, if not hyped, expectations with respect to the transformative role of blockchain for the industry and the public sector. Growing experimentation with distributed ledgers and the emergence of the first operational implementations provide an opportunity to go beyond hype and
speculation based on theoretical use cases.

This report looks at the ongoing exploration of blockchain technology by governments. The analysis of a group of pioneering developments of public services shows that blockchain technology can reduce bureaucracy, increase the efficiency of administrative processes and increase the level of trust in public recordkeeping. Based on the state-ofart developments, blockchain has not yet demonstrated to be either transformative or even disruptive innovation for governments as it is sometimes portrayed. Ongoing projects bring incremental rather than fundamental changes to the operational capacities of governments. Nevertheless some of them propose clear value for citizens.

Click to download

Defining and communicating your Board’s Information Risk Regime is central to your organisation’s overall cyber security strategy. The National Cyber Security Centre recommends you review this regime – together with the nine associated security areas described below, in order to protect your business against the majority of cyber attacks.

(more…)

Cellular networks will be transitioning from 4G to 5G, and 5G networks will provide increased cybersecurity protections. This project will identify several 5G use case scenarios and demonstrate for each one how to strengthen the 5G architecture components to mitigate identified risks and meet industry sectors’ compliance requirements. The project will demonstrate how commercial and open source products can leverage cybersecurity standards and recommended practices for each of the 5G use case scenarios, as well as showcase how 5G security features can be utilized. A phased approach will be employed to align with the development pace of 5G technology and availability of commercial 5G technology.

This iterative approach will provide the flexibility to add to the project as the phases evolve to take advantage of newly introduced security capabilities. This project will result in a freely available NIST Cybersecurity Practice Guide.This document describes several security considerations as industry is preparing for a migration to the 5th generation (5G) mobile network. The NCCoE cybersecurity team will develop approaches and proposed solutions in collaboration with a Community of Interest, equipment vendors, and telecommunication providers.

Click to download